Keycard Acquires Anchor.dev: Breaking the deadlock between autonomy, capability, and security.
AUTHOR
Ian Livingstone
SHARE
February 24, 2026
4 Min Read

Keycard Joins the Agentic AI Foundation

Keycard + AAIF

Today we're excited to announce that Keycard is joining the Agentic AI Foundation (AAIF) as a Gold Member, alongside Anthropic, Google, Cloudflare, OpenAI, Microsoft, AWS, and others.


We've been contributing to this since the beginning. Within days of Anthropic open-sourcing MCP, we kicked off the conversation around authentication and authorization on the MCP repo. We've continued ever since, helping shape the OAuth 2.1-based authorization specification now baked into MCP, and leading early implementations of emerging standards like Client ID Metadata Documents (CIMD).


Auth is one piece of a much bigger question. The platforms being built right now will determine whether the agent ecosystem is open or closed, whether agents can discover and act across a federated web, and whether developers can build and innovate freely without fighting the platforms that dominate it.


Get this wrong, and we end up with a deadlock: agents that are capable but insecure, or secure but too limited to be useful. Open platforms, built on shared standards, with security built in, are what break it.


Our mission is to unlock the agent ecosystem by giving developers and enterprises the secure, scalable foundations they need to build, deploy, and trust agentic applications. That mission is only possible if the underlying platforms are open. Proprietary protocols and closed APIs don't unlock an economy, they gate one and limit innovation.


So we're committing to three things as part of the AAIF:


  • Shaping the standards. We'll keep contributing to the specifications that make an open, permissionless, and secure agentic web possible, building on the work we've already done with MCP and CIMD.
  • Building in the open. Components of what we're building at Keycard will be contributed to the foundation as we develop them, so any developer can use them to build next generation applications without starting from scratch.
  • Supporting what emerges. As new open protocols and platforms become established, we'll adopt and support them, making sure developers can build and deploy agentic applications without needing to be experts in the infrastructure underneath.

Joining the AAIF is a continuation of the work we've been doing since MCP launched. Security was never meant to be an add-on to the agentic layer. It needs to be built into its foundation and that foundation needs to be open.


The internet's history is a story about what happens when you lower the barriers to building. TCP/IP let anyone connect to the network. TLS made those connections trustworthy. OAuth 2.1 let applications delegate access without sharing passwords. SAML and SCIM brought enterprises into the cloud by letting them extend their identity systems into SaaS without giving up control. Linux and Kubernetes put infrastructure that only large companies could previously afford in the hands of every developer.


Image

Chris Anderson's long tail describes what happened next. Open platforms don't just serve the mainstream, they make it economically viable to serve everyone else too. The web produced hundreds of thousands of online communities, vertical SaaS products built for niches enterprise software ignored, and open source projects maintained by people who cared deeply about specific problems. All of humanity, in some form, found a place. That only happened because the platforms underneath were open enough for anyone to build on and federated enough for everything to work together.


Consolidation kills that. When platforms close, the long tail collapses to whatever the platform owner decides to support. Innovation stalls, and everyone else integrates on someone else's terms and pays a massive tax for it.


Agentic AI is a similar shift, but the mechanics are different. Software used to do exactly what you told it to, one click at a time. Agents take intent and run with it, collapsing the interfaces, categories, and workflows we've spent thirty years building into something that computers can discover, reason about, and act against without human involvement.


Image

But that future is constrained by the same deadlock we described when we acquired Anchor. You can have an agent that is capable and autonomous, but not secure. Or secure and capable, but not autonomous.


An agent's capability is bounded by what data it can discover and access. Its security properties are only as strong as the protocols it uses to authenticate and get authorized. When those protocols are closed or fragmented, agents hit walls, they can't reach the services they need, can't establish trust across organizational boundaries, and teams are back to the same tradeoff: lock autonomy down to stay secure, or open things up and accept the risk.


Open, federated protocols change that equation. When agents can discover and connect to tools and services across the web using shared standards, capability expands without bespoke integrations or overscoped access. Security becomes a property of the protocol, not a tax on capability.


The long tail of the agent economy, the niche workflows, the vertical applications, the things nobody has thought to build yet, only exists if anyone can build them. That requires the same thing it always has: open platforms, shared standards, and the freedom to experiment.


We're looking forward to collaborating on MCP and other foundation projects, and contributing components of what we're building at Keycard to the foundation as we develop and open source them over time.


If you're building agents and care about this problem, join our Early Access program or follow the Foundation's work at aaif.io.


UNLOCK SECURE AIINFRASTRUCTURE

COMPANYCAREERSBLOGFAQPRESS MEDIA KIT
XINSTAGRAMGITHUBLINKEDIN
© 2026 Keycard Labs, Inc. All rights reserved.